1992 Discover Awards: Computer Software

The computer chip has permeated just about every aspect of modern culture, from the way we educate our children to the way we manage our finances. But as the world enters the long-promised Silicon Age, a new danger looms on the horizon: computer fraud and forgery. Unlike paper documents, on which forensic scientists can easily spot the telltale signs of manipulation, digital documents are notoriously easy to fake.

Although we’ve yet to experience the first digital Watergate, the ease with which hackers can tamper with computer-generated documents, legal records, financial transfers, and digitized photography has security experts worried. Millions of people have personal computers and, consequently, access to the myriad desktop-publishing and image-retouching programs that make it easy to manipulate bits of digital information. In a few short minutes, a forger could remove one person from a group meeting or change the results of an AIDS test, and nobody would be the wiser.

Stuart Haber and Scott Stornetta are researchers at Bellcore, the joint research and engineering arm of the nation’s regional telephone companies. The threat of foul play prompted the two to investigate methods of securing the integrity of electronic documents. The system they created, dubbed the Digital Time-Stamp, is the first practical and foolproof electronic document security system.

In the spring of 1989, Stornetta was relaxing in the lounge at Xerox’s Palo Alto Research Center when he read about the now-famous fraud investigation of Thereza Imanishi-Kari. The MIT immunologist had been accused of faking laboratory data for a 1986 Cell article she coauthored with Nobel laureate David Baltimore. The Secret Service was called in to examine her notebooks, and forensic experts determined from ink and paper tests that some pages had been tampered with.

If Imanishi-Kari had kept her records on computer, Stornetta thought, it would have been virtually impossible to detect such tampering. I realized this was going to be a major problem, Stornetta says. People are lulled into a false sense of security with computers.

Around the same time Haber, a Bellcore cryptologist, became intrigued with the problem of how to authenticate when a digital document has been created or last modified. His first solution involved using the phone company as a sort of electronic safe-deposit box. Computer documents would be sent via modem to Bellcore, which would store them securely with a record of when they were submitted.

It was a simple but unsatisfying solution, Haber says, because it required the trust of a third party. Unscrupulous inventors could conceivably bribe someone at Bellcore to back date patent documents.

The challenge was to come up with a time-stamping method that didn’t require trust, says Haber. The only problem was that I was convinced it was impossible. Haber’s own mathematical proofs seemed to back up that assumption.

Haber set the problem aside until that fall, when Stornetta joined Bellcore. We hacked at it, and worked at it, and realized that my earlier mathematical proof was wrong, he says. In a month the researchers had laid the groundwork for a tamperproof, no-trust seal for authenticating electronic documents.

Their electronic notary system is based on cryptographic techniques. Instead of submitting an entire document to Bellcore to be time-stamped, a person need only send a tiny representation of the original. (This would satisfy users who want to keep their data--such as papers concerning a new invention--secret even from a time-stamping service.)

The small coded representation of a document is generated by a process known as one-way hashing, a mathematical procedure that creates a unique digital fingerprint of a document based on the arrangement of the letters, numbers, graphics, and symbols in the document.

Hashing a document generates a string of numbers and letters-- called the hash value--that is unique to that document. Changing even one character in the original will change the hash value, breaking the seal of authenticity. The one-way nature of the procedure also makes it impossible for a forger--or the stamping service--to reconstruct the full document from its hash value.

The chance of two documents having the same hash value is so remote, says Stornetta, that it would be like worrying about whether the sun will explode tonight. In Haber and Stornetta’s system, Bellcore acts as the time stamper, validating the time of arrival (via modem or computer network) of a document’s hash value. To prevent any back or forward dating, the system links each document’s time stamp to the hash value of the document Bellcore processed just before. Chaining the data together this way makes it impossible to insert or delete a document at a later date.

To check the authenticity of a document’s time stamp, an interested party need only recompute the hash value and compare the results with the chain of hash values on file with the time stamper.

An additional measure of security is assured by publishing the hash values in the New York Times. The time-stamping system combines the hash values of all the documents submitted each week in order to form a new hash value. The resulting blended hash value is printed in the Times as a garbled series of numbers and letters under Public and Commercial Notices. The ad serves as further proof that a particular document could not have been time-stamped before a specific date.

The most obvious applications of time-stamping include establishing chronology in patent and publishing disputes and ensuring the integrity of medical and financial records.

Bellcore has been experimenting with a working model of the Digital Time-Stamp software system for more than a year. Haber expects it to be available for licensing next year.

Thomas Ligon, president of ARC Scientific Simulations in Loveland, Colorado, for the development of Dance of the Planets, an astronomy simulation software package. This four-dimensional working model of the solar system and more than 16,000 night sky objects--from comets to quasars--uses realistic animated graphics along with detailed orbital simulations to model nearly all aspects of the night sky. With Dance of the Planets even the most difficult aspects of astronomy are accessible to the layperson. The program generates a dynamic, highly educational moving representation of the solar system, as seen from Earth or deep space perspectives, at any time from 4680 B.C. to A.D. 10,000.

George Fabel, president of CAChe Scientific in Beaverton, Oregon, for development of the CAChe Work System for computer-aided chemistry. This program allows a chemist to predict and under-stand the molecular structure and chemical activity of substances without ever touching them. It includes stereoscopic 3-D displays that allow chemists to accurately model new compounds and test existing ones. The software system helps slash the time, expense, and danger of developing new products. The user-friendly CAChe system also helps reduce chemists’ exposure to hazardous materials.

Derick Naef, director of advanced technology at Group Technologies in Arlington, Virginia, for the development of the Aspects document conferencing software package, a marriage of the conference call and electronic mail. Aspects is the first groupware application that enables several users connected to a Macintosh computer network to work simultaneously on the same document, drawing, or painting. The changes made by one party are immediately reflected on all other users’ screens. A new concept in software for brainstorming, Aspects represents an important advance for corporate meetings, group education, and problem solving.

Thomas Williams, manager of software development at Industrial Light and Magic in San Rafael, California, for the development of more than 20 proprietary software modules for creating cinematic special effects, including dramatic photo-realistic images of impossible transformations. This computer graphics innovation, often called the morphing process, created the revolutionary special effects for the films Terminator II: Judgment Day, Death Becomes Her, and Star Trek VI. The software process changes one shape into another by generating the intermediate shapes between them, permitting a smooth metamorphosis from, for example, a human form into a tile floor. The computer information the program generates can then be transferred to film. This ILM software innovation gives filmmakers a practical way to realistically depict even the most outlandish ideas conceived by a director.